| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| FS Thumbtack Clone 1.0 has SQL Injection via the browse-category.php cat parameter or the browse-scategory.php sc parameter. |
| A SQL Injection issue was discovered in Ecava IntegraXor v 6.1.1030.1 and prior. The SQL Injection vulnerability has been identified, which an attacker can leverage to disclose sensitive information from the database. |
| Posty Readymade Classifieds Script 1.0 allows an attacker to inject SQL commands via a listings.php?catid= or ads-details.php?ID= request. |
| In Apache Fineract 0.4.0-incubating, 0.5.0-incubating, and 0.6.0-incubating, an authenticated user with client/loan/center/staff/group read permissions is able to inject malicious SQL into SELECT queries. The 'sqlSearch' parameter on a number of endpoints is not sanitized and appended directly to the query. |
| Apache OpenMeetings 1.0.0 is vulnerable to SQL injection. This allows authenticated users to modify the structure of the existing query and leak the structure of other queries being made by the application in the back-end. |
| Affiliate MLM Script 1.0 has SQL Injection via the product-category.php key parameter. |
| FS Linkedin Clone 1.0 has SQL Injection via the group.php grid parameter, profile.php fid parameter, or company_details.php id parameter. |
| SQL injection vulnerability in Password Recovery in GPWeb 8.4.61 allows remote attackers to execute arbitrary SQL commands via the "checkemail" parameter. |
| Nearbuy Clone Script 3.2 has SQL Injection via the category_list.php search parameter. |
| FS Shutterstock Clone 1.0 has SQL Injection via the /Category keywords parameter. |
| FS Monster Clone 1.0 has SQL Injection via the Employer_Details.php id parameter. |
| Entrepreneur Job Portal Script 2.0.6 has SQL Injection via the jobsearch_all.php rid1 parameter. |
| Beauty Parlour Booking Script 1.0 has SQL Injection via the /list gender or city parameter. |
| DomainSale PHP Script 1.0 has SQL Injection via the domain.php id parameter. |
| FS Stackoverflow Clone 1.0 has SQL Injection via the /question keywords parameter. |
| Yoga Class Script 1.0 has SQL Injection via the /list city parameter. |
| Responsive Realestate Script 3.2 has SQL Injection via the property-list tbud parameter. |
| Readymade Video Sharing Script 3.2 has SQL Injection via the single-video-detail.php report_videos array parameter. |
| Readymade PHP Classified Script 3.3 has SQL Injection via the /categories subctid or mctid parameter. |
| Professional Service Script 1.0 has SQL Injection via the service-list city parameter. |
